"To help protect House data, our IT policy generally prohibits the use of peer-to-peer (P2P) technologies while operating within the secure network," a spokesman for the Office of the Chief Administrative Officer told POLITICO this week. "While Spotify is currently not authorized, the CAO has and will continue to work with outside vendors to enable the popular services that improve member communication capabilities."

Not surprisingly, this has led to complaints from Spotify, but also from the RIAA, which finds the whole thing preposterous:

RIAA CEO Cary Sherman wrote to the Hill Tuesday to explain why Spotify shouldn't violate the House's IT policy and to lend a hand in getting the decision reversed: "These services are safe and secure, and assuring access to them not only respects the contractual relationship users may have with these services, but also achieves an important public policy goal of promoting legal, safe digital providers," Sherman wrote.

That's nice and all... though it's entirely possible the reason that there's a ban on P2P technology in the House is... due to the RIAA's own efforts in years past. You may recall that, the RIAA, MPAA and other copyright maximalists have pushed for Congressional hearings on just how evil P2P technology is, and why there need to be more laws about it. Ali Sternburg, at the DiscCo Project has the details:

She admits this is not definitely why it's banned, but it does seem notable. Perhaps, next time, rather than vilifying broadly usable technology, the RIAA and others might recognize that it can actually be the solution to their challenges as well. Nah... that'll never happen.

Re:

I suspect this is the blowback from having so much power. In their drunk on power trips they have created laws that are killing themselves, laws that are going to come back to haunt them. This applies to a lot of lobbyists from industry to employment to political policy.

Threw the baby out the window already...

...which is interesting because I thought Spotify was basically internet radio or a music locker service rather than a P2P sharing application. The ban in question doesn't even seem to apply to Spotify.

Re: Hey, waitaminute!

I'd be all for Congressmen being prohibited by law from drafting, backing, proposing, or voting on a bill unless they can individually demonstrate a clear and thorough understanding of all subjects and topics that the bill touches on.

I realize this would bring Congress to a complete standstill, but I still can't see a down side.

And...?

I'll be honest, I'm surprised Spotify was available in the first place. The key phrase is "while operating within the secure network". There might not be an exploit that uses Spotify yet, but odds are it's coming. In the meantime, Spotify is a media streaming service that is eating up House bandwidth, which is likely extremely limited.

The P2P justification is stupid, but that doesn't mean Spotify should be on House computers.

Re: And...?

Re: Re: And...?

No, The Houses won't be limited by the shitty broadband capabilities of the unwashed masses.

I have no doubt that the entire Congressional network is running on high quality, blazing fast fiber-optic cable... right into some massive choke point that loads Google at the rate of molasses and goes down every other week.

Re: Re: Re: And...?

Re: And...?

The key phrase is "while operating within the secure network".

The P2P justification is stupid, but that doesn't mean Spotify should be on House computers.

Agreed. Even if any P2P should be available in such network, it'll need to be extra precaution measures in such networks, which means more work for admin, and cos we're talking about gov agencies, more tax payer money spent on it.

Re: Re: And...?

How does spotify work? I would ban anything that tries to publicly open ports. UPnP? That shouldn't be on in the first place. Is it a bandwidth issue? Does Spotify use a single port I can throttle?

Why do we even care about how the IT people decide to secure their workplace network? I don't see any difference between the government building and any business network, except that the government people may be trying to secure store and transfer classified documents...

Re: And...?

I agree with this completely. The first thing I thought of while reading the response given by the House IT was not so much that P2P was in violation just because it's a P2P technology, but that it was within their secure network and that regardless, it would be eating up bandwidth. I have placed similar policies in the networks I manage simply to maintain a fair bandwidth cost as P2P services and streaming services eat it up extremely quickly. Do I care if people use free and legal services? Not at all.... Do I care if they spends company dollars (or in this case, government dollars) with no benefit to the company? Absolutely.

Claiming that it's all something to do with a rejection of P2P and was implemented because they don't understand the technology seems to be far from the truth.

I Agree

While I appreciate the perceived irony, and I almost hate to say this, but I agree with their policy decision. If it were up to me, I would not allow the service either due to the P2P nature of implementation. While I'm not aware of any exploits, there is simply no justification to open another door to a possible avenue of abuse from either without or within for Spotify.

How many realize CNN uses P2P?

"Peer-to-peer (P2P) streaming technology has quietly gained acceptance from Turner Broadcasting’s CNN.com, which is using technology provider Octoshape Aps for some implementations of its online live feed."

Re:

It is driven by the fact that this exposes one of their lies. That P2P is bad and must be destroyed. I mean they can't have congress critters and the like, wondering if other things they have said are also untrue.

Alright, lets look at this from another direction. *WHY* should Spotify be allowed on a SECURE system? It's not an open system, and has no reason to be an open system. It's not like Congress just said "You can't use Spotify at home" or "Spotify is illegal". There is so much shit you can't access from government networks, adding another item to the list doesn't mean anything at all.

No Spotify

Spotify shouldn't be allowed on any government network or business network. The software is one massive tracking cookie and it uses considerable amounts of bandwidth. Our government networks don't need to wasted on seeding other Spotify users just because Spotify is too cheap to pay for their own bandwidth. And security on Spotify is known to be poor. It openly tracks you, and has been known to serve up ads with viruses in the past.

There is no reason to allow such an application on the government networks. There are plenty of other services that are easier on the network and safer to use.

Re: No Spotify

I see nothing wrong with Spotify, or any kind of internet radio at work, as long as your work is getting done.

If your boss bans it, just set up your own private VPN server at home, make a VPN connection to your home broadband connection, then connect to Spotify, from there, and the boss will never know what you are up to because the connection will be encrypted.

Re: Re: No Spotify

There is nothing wrong with internet radio, but Spotify is another story. Since it uses P2P. If you have a fast network at work, particularly fast in upload, Spotify will devour as much as it can. For reference, Pandora uses 64kbps for the free service, 192kbps for Pandora One. Spotify uses 160kbps for the free and unlimited services and 320kbps for Premium. And then it takes it a step further and seeds other users. It doesn't take many people using Spotify before the entire network slows down. Spotify also needs software to be installed on company computers. That is a security risk, no matter how big or small.

If a person wants to listen to an on-demand service at work, I usually recommend Rdio because it can be played without installing software and doesn't use P2P. If they just want radio, there are dozens of options out there.

Re: Re: Re: No Spotify

Re: Re: No Spotify

It most likely isn't the boss banning it, but the friendly admins from security. Further, the chances of it being banned on your work computer is fairly low, unless you work in restricted information. In this case, you really should have that info locked up in secure servers, rather than on your desktop.

While many raise a good point that spotify probably doesn't belong on a secure system - that's not the amusing part, nor even the point.

The amusing part, and indeed the point, is the RIAA (p2p enemy number one) saying the following about a p2p system:

"These services are safe and secure, and assuring access to them not only respects the contractual relationship users may have with these services, but also achieves an important public policy goal of promoting legal, safe digital providers,"

This makes it kind of problematic to continue claiming that p2p is the end of the world and the devil incarnate. It just doesn't add up.

keep going riaa/mpaa

Umm, I think you're missing the point...

Maybe, just maybe they're operating under the idea that their "protected" systems shouldn't be involved in providing data/ services on a public network...

Many of you seem to be operating under the illusion that you can trust your computer. You can't. It won't always behave the way you expect, especially when it can communicate with a public network. Network communications is never "safe", at best it's "mostly safe."

the entertainment industries and all associated industries are totally against everything that
a)they didn't think of
b)didn't think of using early enough
c)makes others money because they could see potential
d)were more concerned with adapting to changing markets than fighting like hell to obstruct them